diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 94151430f..2064d8dda 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -34,6 +34,26 @@ ifneq ($(filter integer_overflow, $(my_global_sanitize)),)
 endif
 endif
+# Enable integer overflow sanitizer in included paths.
+# (includes override excludes)
+ifeq ($(my_clang),true)
+ ifndef LOCAL_IS_HOST_MODULE
+ ifeq ($(filter integer_overflow, $(my_sanitize)),)
+ combined_include_paths := $(DEFAULT_INTEGER_OVERFLOW_PATHS) \
+ $(INTEGER_OVERFLOW_INCLUDE_PATHS) \
+ $(PRODUCT_INTEGER_OVERFLOW_INCLUDE_PATHS)
+ ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
+ $(filter $(dir)%,$(LOCAL_PATH)))),)
+ my_global_sanitize := integer_overflow $(my_sanitize)
+ # Ensure default paths do not run in diagnostics unless SANITIZE_TARGET_DIAG
+ ifneq ($(filter integer_overflow, $(SANITIZE_TARGET_DIAG)),)
+ my_global_sanitize_diag := integer_overflow $(my_sanitize_diag)
+ endif
+ endif
+ endif
+ endif
+endif
+
 # Disable global CFI in excluded paths
 ifneq ($(filter cfi, $(my_global_sanitize)),)
 combined_exclude_paths := $(CFI_EXCLUDE_PATHS) \
@@ -211,6 +231,19 @@ ifneq ($(filter coverage,$(my_sanitize)),)
 my_sanitize := $(filter-out coverage,$(my_sanitize))
 endif
+# Use minimal diagnostics when integer overflow is enabled on userdebug and eng
+# and full diagnostics not enabled.
+ifneq ($(findstring integer,$(my_sanitize)),)
+ ifeq ($(findstring integer,$(my_sanitize_diag)),)
+ ifeq ($(filter address,$(my_sanitize)),)
+ # TODO(ivanlozano): uncomment after switch to clang-4536805
+ ifneq ($(filter $(TARGET_BUILD_VARIANT),userdebug eng),)
+ # my_cflags += -fsanitize-minimal-runtime
+ endif
+ endif
+ endif
+endif
+
 ifneq ($(filter integer_overflow,$(my_sanitize)),)
 ifneq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
 ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
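Review bot: In the first hunk the include-path branch assigns `my_global_sanitize := integer_overflow $(my_sanitize)`, which replaces the global list with the module's local list instead of extending it, so any other sanitizer already carried in `my_global_sanitize` is discarded for every module under the included paths. The CFI block that follows immediately tests `$(filter cfi, $(my_global_sanitize))`, so a globally requested CFI would no longer be seen there for modules in frameworks/ and system/, and no build error reports the loss. If the intent is only to switch integer_overflow on, `my_global_sanitize := integer_overflow $(my_global_sanitize)` keeps the rest, and the diag line likely wants `my_global_sanitize_diag := integer_overflow $(my_global_sanitize_diag)` for the same reason. How `my_global_sanitize` is later merged into `my_sanitize` is outside this hunk, so confirm against that code.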
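Review bot: In the second hunk the new block tests `$(findstring integer,$(my_sanitize))`, a substring match on any entry containing "integer", while the integer_overflow blocks around it use `$(filter integer_overflow,...)`; if the wider match is deliberate it deserves a comment, otherwise `ifneq ($(filter integer_overflow,$(my_sanitize)),)` keeps the file consistent. As committed the four nested conditionals have no effect because their only statement is commented out, yet the header comment reads as if minimal diagnostics were already active. I would reword it to `# Placeholder: will add -fsanitize-minimal-runtime on userdebug/eng once the toolchain supports it; currently a no-op.`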
@@ -226,7 +259,7 @@ ifneq ($(filter integer_overflow,$(my_sanitize)),)
 my_cflags += -ftrap-function=abort
 my_cflags += $(INTEGER_OVERFLOW_EXTRA_CFLAGS)
- # Check for diagnostics mode (on by default).
+ # Check for diagnostics mode.
 ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
 my_cflags += -fno-sanitize-trap=signed-integer-overflow,unsigned-integer-overflow
 my_shared_libraries := $($(LOCAL_2ND_ARCH_VAR_PREFIX)UBSAN_RUNTIME_LIBRARY) $(my_shared_libraries)
diff --git a/core/envsetup.mk b/core/envsetup.mk
index 05add605d..a945b6228 100644
--- a/core/envsetup.mk
+++ b/core/envsetup.mk
@@ -657,3 +657,8 @@ endif
 ifeq ($(CALLED_FROM_SETUP),true)
 PRINT_BUILD_CONFIG ?= true
 endif
+
+# Set default integer overflow sanitization paths.
+# Separate from INTEGER_OVERFLOW_INCLUDE_PATHS to ensure this is not overridden.
+DEFAULT_INTEGER_OVERFLOW_PATHS := frameworks/ \
+ system/
diff --git a/core/product.mk b/core/product.mk
index 77f78a67f..53352483c 100644
--- a/core/product.mk
+++ b/core/product.mk
@@ -146,6 +146,7 @@ _product_var_list := \
 PRODUCT_SYSTEM_HEADROOM \
 PRODUCT_MINIMIZE_JAVA_DEBUG_INFO \
 PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS \
+ PRODUCT_INTEGER_OVERFLOW_INCLUDE_PATHS \
 PRODUCT_ADB_KEYS \
 PRODUCT_CFI_INCLUDE_PATHS \
 PRODUCT_CFI_EXCLUDE_PATHS \
diff --git a/core/product_config.mk b/core/product_config.mk
index 2cd801633..50d2b4b13 100644
--- a/core/product_config.mk
+++ b/core/product_config.mk
@@ -463,6 +463,11 @@ PRODUCT_MINIMIZE_JAVA_DEBUG_INFO := \
 PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS := \
 $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS))
+# Paths that should have integer overflow sanitization applied by default
+# (overrides excludes)
+PRODUCT_INTEGER_OVERFLOW_INCLUDE_PATHS := \
+ $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_INTEGER_OVERFLOW_INCLUDE_PATHS))
+
 # ADB keys for debuggable builds
 PRODUCT_ADB_KEYS :=
 ifneq ($(filter eng userdebug,$(TARGET_BUILD_VARIANT)),)
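Review bot: In the core/envsetup.mk hunk the comment on `DEFAULT_INTEGER_OVERFLOW_PATHS` says the separate variable ensures it is not overridden, but a plain `:=` only wins over assignments made before this line; nothing visible stops a makefile parsed later or a command-line assignment from replacing or emptying it. Because the include check in config_sanitizers.mk is documented as overriding excludes, these two defaults also make any INTEGER_OVERFLOW_EXCLUDE_PATHS or PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS entry under frameworks/ or system/ ineffective, which product owners should be told. I would extend the comment to `# Always-on defaults; includes take precedence, so exclude paths under these trees have no effect.` and state which mechanism, if any, a module still has to opt out.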
diff --git a/core/soong_config.mk b/core/soong_config.mk
index c7eefc987..cd5a5934d 100644
--- a/core/soong_config.mk
+++ b/core/soong_config.mk
@@ -94,6 +94,7 @@ $(call add_json_bool, Safestack, $(filter true,$(USE_SAF
 $(call add_json_bool, EnableCFI, $(call invert_bool,$(filter false,$(ENABLE_CFI))))
 $(call add_json_list, CFIExcludePaths, $(CFI_EXCLUDE_PATHS) $(PRODUCT_CFI_EXCLUDE_PATHS))
 $(call add_json_list, CFIIncludePaths, $(CFI_INCLUDE_PATHS) $(PRODUCT_CFI_INCLUDE_PATHS))
+$(call add_json_list, IntegerOverflowIncludePaths, $(DEFAULT_INTEGER_OVERFLOW_PATHS) $(INTEGER_OVERFLOW_INCLUDE_PATHS) $(PRODUCT_INTEGER_OVERFLOW_INCLUDE_PATHS))
 $(call add_json_list, IntegerOverflowExcludePaths, $(INTEGER_OVERFLOW_EXCLUDE_PATHS) $(PRODUCT_INTEGER_OVERFLOW_EXCLUDE_PATHS))
 $(call add_json_bool, ClangTidy, $(filter 1 true,$(WITH_TIDY)))
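Review bot: The new `IntegerOverflowIncludePaths` entry passes the three variables straight to `add_json_list`, whereas the make-side check in config_sanitizers.mk first runs the same variables through `$(subst $(comma),$(space),...)`. If add_json_list splits on whitespace only (its definition is not in this diff), a comma-separated INTEGER_OVERFLOW_INCLUDE_PATHS would match per directory in make but reach Soong as one joined element, so the two build systems would sanitize different sets of modules. Normalising here as well, e.g. `$(subst $(comma),$(space),$(INTEGER_OVERFLOW_INCLUDE_PATHS))`, or documenting that the variable must be space-separated would keep them aligned; the neighbouring CFI and exclude entries have the same shape.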